Cybersecurity Series
Cyber Security_Blog_with Book

CIR PM Relooking at Existing Cyber Security Initiative

Most organisations have a cybersecurity plan.  However, it is imperative that the organization needs to know why it needs to implement a cyber security incident response plan  (CIR) program first. A CIR plan prepares the organisation to mitigate and respond to cyber security threats.

The BCM team needs to realize that cyber security attacks on the organization affect them indirectly.

Part of the reasons for implementing the cyber security program is to identify the relationship between cyber security and BCM. The BCM team needs to be ready should business functions be affected.

Reference: Chapter 5 Project Management 5.10 Conclusion

Moh Heng Goh

Relooking at Existing Structure and Initiatives

C6 CIR Relook Structure and InitiativesThe organization needs to know why it needs to implement a cyber security program first. A CIR plan prepares the organisation to mitigate and respond to cyber security threats.

The BCM team needs to realize that cyber security attacks on the organization affect them indirectly.

Part of the reasons for implementing the cyber security program is to identify the relationship between cyber security and BCM. The BCM team needs to be ready should business functions be affected.

1. Relook at the Existing Structure

An organization must relook at its existing organizational structure before tackling cyber security. An organization can have many different business units. However, the organization must identify who is responsible for business continuity and cyber security or if a professional is assigned to do both.

Employees and their teams must be identified so that they are aware of the responsibilities they will be executing besides their routine duties. Suppose an organization chooses to segregate its BCM and cyber security team. In that case, there needs to establish a relationship between them in scenarios where a cyber security attack attacks an application/ hardware/ software required to carry out a CBF.

2. Understand the Organisation's Products and Services


The organization needs to know the products or services they are offering its customers and the associated business functions operating to provide these products or services.

The BCM team and the business unit representatives identify their respective business functions that allow products/services to be consistently offered to the customers. In contrast, the cyber security team identifies the data, hardware, software, and application necessary to perform CBFs.

This information gathered by each of the respective business unit teams needs to be understood and documented collectively to see their relationships and interdependencies.

3. Create a Composite Group for Cyber Security

The organization has to identify all relevant parties apart from the IT unit when tackling cyber security issues. Both internal and external parties have a role in tackling cyber security.

These parties need to have an opportunity to voice their concerns and realize how they can contribute to the overall cyber security aspect of the organization.

4. Establish a Clear Scope for CyberSecurity

The organization has to establish scope to understand what its cyber security entails. This provides direction for the development of the CIR plan. The BCM team can incorporate some processes, such as Risk Analysis and Review and Business Impact Analysis, to define areas where BCM and cyber security are related.

For example, the organisation's potential threats are identified during risk identification. During this process, cyber security threats can be included.

5. Accountability of Leadership

Leadership needs to be established at the beginning. This enables effective response and decision-making. Typically, an organization identifies representatives (leaders) from each department to be part of the business continuity planning team.

Inputs and concerns from the respective departments can be put across. This business continuity team can align itself to focus on cybersecurity issues and associated business operations.

Related Topics for CIR Project Management

5.5.1 Cyber Security Specific Scope 5.6 Scenario Development 5.7.1 BCM Team Structure for CIR 5.7.2 Cyber Security Team Structure
New call-to-action New call-to-action New call-to-action New call-to-action
5.8 BCM and Cyber Security Framework 5.9 Relationships Between the BCM & CIR Structures 5.10.1 Relook at Existing Structure and Initiatives  
New call-to-action New call-to-action C6 CIR Relook Structure and Initiatives New call-to-action

 


BCMI Logo

Do You Want to Continue BCM Training onsite or online?

Competency-based Course
Certification Course
New call-to-action New call-to-action [BL-3-Catalog] What Specialist Level Blended Learning Courses that are Available? [BL-5-Catalog] What Expert Level Blended Learning Courses that are Available?

A Manager’s Guide to BCM for Cybersecurity Incident Response

Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.

Reference: Chapter 5 Project Management 5.10 Conclusion

Note:  This version was the draft 2nd Edition being updated in 2022. The numeric in the square bracket [X-X] cross-refers to the actual chapter and section in the 1st Edition.

 

 

Comments:

 

 

More Posts

New Call-to-action